explorations in BlackMatter machine code and ELF parsing
#1
Outside of GreySec I've been starting to examine the recent BlackMatter ransomware, or at least attempting to do so.



I hope it isn't bad form to do this, but the posts are on my Medium profile here.



This is terra incognita for me, but I would happy to share additional insights or answer questions as well. Hopefully there is something of value there to those interested.

neftis
Reply
#2
It's fine to point people to venues other than GS, as long as the OP contains more than: "Look over here". After all my public and private projects related to GS don't all live on the forum either. Bad form would just be advertising for the sake of driving traffic to your venue. Pointing us to something you have been working on in a format that is not a BBS and providing the appropriate context is perfectly fine.

When i have a moment i'll check out what you've been working on over at Medium.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  RaaS forums and Markets wandenreich 10 6,944 03-23-2022, 02:07 AM
Last Post: Vector
  assembly and RE vs expanding into C2 creation / learning neftis 4 7,820 03-18-2022, 08:28 AM
Last Post: ubercage
  Malware Source-code Share Insider 6 21,976 02-22-2022, 06:50 PM
Last Post: itxfahdi
  Phishing and Spamming tool blackhat292 1 8,905 07-16-2021, 05:20 PM
Last Post: Vector